crypto: renamed hkdf_256

The RFC (5869) for this implementation defines two functions,
HKDF-Extract and HKDF-Expand. The existing 'hkdf_256' was implementing
the Extract function, so it was renamed appropriately. The name was
changed for consistency when the Expand function will be added in the
future.

src/crypto.c

@@ -411,7 +411,7 @@ bool kdf_sha256(const void *key, size_t key_len,
  *
  * Null key equates to a zero key (makes calls in EAP-PWD more convenient)
  */
-bool hkdf_256(const uint8_t *key, size_t key_len, uint8_t num_args,
+bool hkdf_extract_sha256(const uint8_t *key, size_t key_len, uint8_t num_args,
 			uint8_t *out, ...)
 {
 	struct l_checksum *hmac;

src/crypto.h

@@ -92,8 +92,8 @@ bool kdf_sha256(const void *key, size_t key_len,
 bool prf_sha1(const void *key, size_t key_len,
 		const void *prefix, size_t prefix_len,
 		const void *data, size_t data_len, void *output, size_t size);
-bool hkdf_256(const uint8_t *key, size_t key_len, uint8_t num_args,
-		uint8_t *out, ...);
+bool hkdf_extract_sha256(const uint8_t *key, size_t key_len, uint8_t num_args,
+			uint8_t *out, ...);
 
 bool crypto_derive_pairwise_ptk(const uint8_t *pmk,
 				const uint8_t *addr1, const uint8_t *addr2,

src/eap-pwd.c

@@ -282,9 +282,9 @@ static void eap_pwd_handle_id(struct eap_state *eap,
 
 	while (counter < 20) {
 		/* pwd-seed = H(token|peer-ID|server-ID|password|counter) */
-		hkdf_256(NULL, 0, 5, pwd_seed, &token, 4, pwd->identity,
-				strlen(pwd->identity), pkt + 9, len - 9,
-				pwd->password, strlen(pwd->password),
+		hkdf_extract_sha256(NULL, 0, 5, pwd_seed, &token, 4,
+				pwd->identity, strlen(pwd->identity), pkt + 9,
+				len - 9, pwd->password, strlen(pwd->password),
 				&counter, 1);
 
 		/*
@@ -492,13 +492,13 @@ static void eap_pwd_handle_confirm(struct eap_state *eap,
 	 * compute Confirm_P = H(kp | Element_P | Scalar_P |
 	 *                       Element_S | Scalar_S | Ciphersuite)
 	 */
-	hkdf_256(NULL, 0, 8, confirm_p, kp.x, ECC_BYTES, pwd->element_p.x,
-			ECC_BYTES, pwd->element_p.y, ECC_BYTES, pwd->scalar_p,
-			ECC_BYTES, pwd->element_s.x, ECC_BYTES,
-			pwd->element_s.y, ECC_BYTES, pwd->scalar_s,
+	hkdf_extract_sha256(NULL, 0, 8, confirm_p, kp.x, ECC_BYTES,
+			pwd->element_p.x, ECC_BYTES, pwd->element_p.y,
+			ECC_BYTES, pwd->scalar_p, ECC_BYTES, pwd->element_s.x,
+			ECC_BYTES, pwd->element_s.y, ECC_BYTES, pwd->scalar_s,
 			ECC_BYTES, &pwd->ciphersuite, 4);
 
-	hkdf_256(NULL, 0, 8, expected_confirm_s, kp.x, ECC_BYTES,
+	hkdf_extract_sha256(NULL, 0, 8, expected_confirm_s, kp.x, ECC_BYTES,
 			pwd->element_s.x, ECC_BYTES, pwd->element_s.y,
 			ECC_BYTES, pwd->scalar_s, ECC_BYTES, pwd->element_p.x,
 			ECC_BYTES, pwd->element_p.y, ECC_BYTES,
@@ -515,15 +515,15 @@ static void eap_pwd_handle_confirm(struct eap_state *eap,
 	pos += 32;
 
 	/* derive MK = H(kp | Confirm_P | Confirm_S ) */
-	hkdf_256(NULL, 0, 3, mk, kp.x, ECC_BYTES, confirm_p, ECC_BYTES,
-			confirm_s, ECC_BYTES);
+	hkdf_extract_sha256(NULL, 0, 3, mk, kp.x, ECC_BYTES, confirm_p,
+			ECC_BYTES, confirm_s, ECC_BYTES);
 
 	eap_pwd_send_response(eap, resp, pos - resp);
 
 	eap_method_success(eap);
 
 	session_id[0] = 52;
-	hkdf_256(NULL, 0, 3, session_id + 1, &pwd->ciphersuite, 4,
+	hkdf_extract_sha256(NULL, 0, 3, session_id + 1, &pwd->ciphersuite, 4,
 			pwd->scalar_p, ECC_BYTES, pwd->scalar_s, ECC_BYTES);
 	kdf(mk, 32, (const char *) session_id, 33, msk_emsk, 128);
 	eap_set_key_material(eap, msk_emsk, 64, msk_emsk + 64, 64, NULL, 0);

src/sae.c

@@ -137,7 +137,8 @@ static bool sae_pwd_seed(const uint8_t *addr1, const uint8_t *addr2,
 		memcpy(key + 6, addr1, 6);
 	}
 
-	return hkdf_256(key, 12, 2, out, base, base_len, &counter, 1);
+	return hkdf_extract_sha256(key, 12, 2, out, base, base_len,
+					&counter, 1);
 }
 
 static bool sae_pwd_value(uint8_t *pwd_seed, uint64_t *pwd_value)